<?php
if(!defined('GbIncl')){?>
<meta http-equiv="refresh" content="0;url=block.php" />
<?php }else{ ?>
<div class="section">
	<div class="section-title">AKUN PENGGUNA</div>
		<ul class="nice-list">
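<?php
// Login handling: runs only when the form posted both fields.
// NOTE(review): no attempt throttling or CSRF token is visible in this file --
// confirm whether the including page provides them.
	if (isset($_POST['username']) && isset($_POST['password'])) {
		// Check the inputs: both must be non-empty strings. A field posted as an
		// array (username[]=x) is treated as empty rather than passed to string functions.
		$filled = is_string($_POST['username']) && is_string($_POST['password'])
			&& !empty($_POST['username']) && !empty($_POST['password']);
		if ($filled) {
			// stripslashes()/htmlspecialchars() are kept so the lookup value and the hash
			// input stay byte-identical to what this page has always computed; presumably
			// that matches how rows were stored -- verify against the registration code.
			$ID_US = htmlspecialchars(stripslashes($_POST['username']));
			// NOTE(review): unsalted MD5 is not a password hash. Migrating to
			// password_hash()/password_verify() needs a schema and data migration that
			// cannot be done from this file alone.
			$PASSWORD_US = md5(htmlspecialchars(stripslashes($_POST['password'])));

			// htmlspecialchars() with its default flags leaves single quotes untouched, so
			// it is HTML encoding, not SQL escaping. Escape explicitly for the SQL string
			// context. This relies on the connection charset being set correctly where the
			// link is opened (outside this file). $PASSWORD_US is md5() output, hex only,
			// and is therefore safe to interpolate.
			$idSql = mysql_real_escape_string($ID_US);
			if ($idSql === false) {
				error_log('login: could not escape user id: ' . mysql_error());
				die('Terjadi kesalahan sistem.');
			}
			$baseQuery = "select * from user_spm where ID_US='$idSql' and PASSWORD_US='$PASSWORD_US'";

			// Active accounts (STATUS_US='1').
			$result = mysql_query($baseQuery . " AND STATUS_US='1' limit 1");
			if ($result === false) {
				// Keep database error text in the server log; never send it to the browser.
				error_log('login: user lookup failed: ' . mysql_error());
				die('Terjadi kesalahan sistem.');
			}

			if (mysql_num_rows($result) == 1) {
				// Username and password match an active account.
				$pengguna = mysql_fetch_object($result);
				// Issue a fresh session id on privilege change so a pre-login id that was
				// planted or leaked cannot be reused (session fixation).
				if (session_id() !== '') {
					session_regenerate_id(true);
				}
				$_SESSION['login'] = true;
				$_SESSION['ID_US'] = $pengguna->ID_US;
				$_SESSION['NAMA_US'] = $pengguna->NAMA_US;
				// NOTE(review): the password hash is copied into the session. Kept because
				// other pages may read it, but it should be removed once no page depends on it.
				$_SESSION['PASSWORD_US'] = $pengguna->PASSWORD_US;
				$_SESSION['ID_JABS'] = $pengguna->ID_JABS;
			} else {
				// Only now check for a matching account that is still awaiting approval
				// (STATUS_US='0'); the second query is skipped on a successful login.
				$result2 = mysql_query($baseQuery . " AND STATUS_US='0' limit 1");
				if ($result2 === false) {
					error_log('login: pending-user lookup failed: ' . mysql_error());
					die('Terjadi kesalahan sistem.');
				}
				if (mysql_num_rows($result2) == 1) {
					echo "<li><b>AKUN BELUM DISETUJUI!</li><li>HUBUNGI ADMIN</b></li>";
				} else {
					// Username and password do not match any account.
					echo "<li><b>PENGGUNA / SANDI SALAH!</li><li>HUBUNGI ADMIN</b></li>";
				}
			}
		} else {
			// Form submitted with an empty field: show a message.
			echo "<li><b>PENGGUNA / SANDI KOSONG!</b></li>";
		}
	}
?>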
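	<?php /* Not logged in: show the login form. Logged in: show the user name and account menu. */ ?>
	<?php if (!isset($_SESSION['login'])) { ?>
	<form id="Flogin" name="Flogin" method="post" action="">
		<input name="username" type="text" class="text" size="29" placeholder="ID PENGGUNA"/><br />
		<input name="password" type="password" size="29" class="text" placeholder="SANDI"/><br />
		<input type="submit" name="button" id="button" class="button" value="Masuk" /> | <a href="">LUPA AKUN</a> | <a href="">DAFTAR</a>
	</form>
	</ul>
	<?php } else { ?>
            <?php
            // NAMA_US is copied from the user_spm row at login, so it is stored data and
            // must be encoded for the HTML context on output.
            // NOTE(review): if names are stored already HTML-encoded this will show
            // entities literally -- verify against the registration code.
            $namaTampil = isset($_SESSION['NAMA_US']) ? (string) $_SESSION['NAMA_US'] : '';
            ?>
            <br /><b><?php echo htmlspecialchars($namaTampil, ENT_QUOTES); ?></b>
            </ul>
            <div id="cssmenu">
            <ul>
            <li class="hus-sub"><a href="../spm-itats/cpanel?setting=akun"><b>Pengaturan</b></a></li>
            <li class="hus-sub" title="Keluar dari Otentifikasi"><a href="logout.php">Keluar</a></li>
            </ul>
            </div>
    <?php } ?>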
</div>
<br />
<?php } ?>
